<?php
/******************************************
 * Author: <YOUR NAME HERE>
 * Description: <YOUR DESCRIPTION HERE>
 ******************************************/
class Groups { 


	function Groups($db){ 
    }

	/***********************************
 	 * Add:         Allows the insertion of values into the Table.
 	 * Parameters:  $id, $userid, $groupid
 	 * Return:      (Boolean) True - Successfully Inserted | False - Error
 	 ************************************/
	function add($id, $userid, $groupid){ 

		escape_string($id);
		escape_string($userid);
		escape_string($groupid);

		$statement = "INSERT INTO groups (id, userid, groupid) VALUES ('$id', '$userid', '$groupid');";
		$results   = mysql_query($statement);

		if($results){
			return true;
		}else{
			return false;
		}

	}//End add()


	/***********************************
 	 * Remove:      Allows for the removal of record from the database.
 	 * Parameters:  (String)Primary Key Column Name | (Int) Primary Key Value
 	 * Return:      (Boolean) True - Successfully Removed | False - Error
 	 ************************************/
	function remove($primaryKeyValue){ 

		escape_string($primaryKeyValue);
		
		$statement = "DELETE FROM groups WHERE id = '$primaryKeyValue'";
		$results   = mysql_query($statement);
		if($results){
			return true;
		}else{
			return false;
		}

	}//End remove()


	/***********************************
 	 * Update:      Allows for the update of a record from the database.
 	 * Parameters:  (String)Primary Key Column Name | (Int) Primary Key Value | (String) Column Name To Update | (String) New Value
 	 * Return:      (Boolean) True - Successfully Updated | False - Error
 	 ************************************/
	function update($primaryKeyValue, $columnNameToUpdate, $columnValue){ 

		escape_string($primaryKeyValue);
		escape_string($columnNameToUpdate);
		escape_string($columnValue);

		$statement = "UPDATE groups SET $columnNameToUpdate = '$columnValue' WHERE id = '$primaryKeyValue'";
		$results   = mysql_query($statement);
		if($results){
			return true;
		}else{
			return false;
		}

	}//End update()


	/***********************************
 	 * GetAll:       Returns all the records in the database.
 	 * Parameters:   NA
 	 * Return:      (MultiDimensional-Array)String
 	 ************************************/
	function getAll(){ 

		//Custom SQL Injection Escaping HERE

		$statement = "SELECT id, userid, groupid FROM groups";
		$results   = mysql_query($statement);
		$tokens[0] = 'id';
		$tokens[1] = 'userid';
		$tokens[2] = 'groupid';
		
		return transformResults($results, $tokens);

	}//End getAll()
	
	
	function getGroup($userid){ 

		escape_string($userid);

		$statement = "SELECT groupid FROM groups WHERE userid = '$userid'";
		$results   = mysql_query($statement);
		
		$tokens[0] = 'groupid';
		
		return transformResults($results, $tokens);

	}
	
	function getGroupUsers($grupId){ 
		
		escape_string($grupId);

		if ($grupId != -1){
			$statement = "SELECT email, firstname FROM users u INNER JOIN groups g ON g.userid = u.id WHERE g.groupid = '".$grupId."'";
			$results   = mysql_query($statement);	
			$tokens[0] = 'email';
			$tokens[1] = 'firstname';
			return transformResults($results, $tokens);
		}
		return $results;

	}//End getObject()


	/***********************************
 	 * GetObject:   Returns a specific record form the batabase.
 	 * Parameters:  (Int) Primary Key Value
 	 * Return:      (Array)String
 	 ************************************/
	function getObject($primaryKeyValue){ 

		escape_string($primaryKeyValue);

		$statement = "SELECT id, userid, groupid FROM groups WHERE id = '".$primaryKeyValue."'";
		$results   = mysql_query($statement);
		
		$tokens[0] = 'id';
		$tokens[1] = 'userid';
		$tokens[2] = 'groupid';
		
		return transformResults($results, $tokens);

	}//End getObject()


}//End Class groups
?>